Thursday, January 21, 19:32
Home security Phishing email contains document that is password protected: Attention!

Phishing email contains document that is password protected: Attention!

Her researchers Palo Alto NetworksUnit 42 they discovered a new one Phishing campaign, which includes sending the email containing it documents, password protected access, as well as one νόμιμο tool remote access. The goal is gaining access to networks of the victims.

The phishing campaign started in January and uses several techniques violating victims' systems and gaining remote access to networks.

Victims receive phishing emails including a password-protected document. The message states that the password is set for protection of confidentiality data which includes the document. Most of the emails relate to refunds, online transactions, and invoices.

Ο code access is included in the phishing email.

Unlocking the document allows it to enabling macros and executes commands necessary for its subsequent stages attack. The hackers they use PowerShell to install one remote access tool and other mechanisms that will allow them to stay in the system.

The tool installed is NetSupport Manager, one νόμιμο software remote access often used in IT support.

However, if used by malicious people hackers can allow it information theft or it can help make a more risky and long-term plan. For example, it could be used by attackers for tracking the incoming and outgoing emails of the victim. That way, the attackers get information and for others users. They can then carry out other phishing attacks targeting other people.

The bad thing is that antivirus software cannot locate NetSupport Manager as malicious, because it's a legal product.

The researchers have not yet discovered the ultimate purpose of this phishing campaign. However, once macros are required, The IT administrators can protect users by disabling macros by default. In addition, users should be very careful with the emails they receive, especially if they come from unknown sources.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Mac: How to see which model you have and when it was released

When you need support for your Mac - or want to install some kind of upgrade - you usually need to know the exact ...
00:02:35

Bill Gates: Will he work with Biden on COVID-19 / climate change?

Microsoft co-founder Bill Gates said on Twitter that he is looking forward to working with the new US President, Joe Biden, and ...

What are the rumors circulating about the iPhone 13?

Apple iPhone 13 will have a redesigned Face ID system that will have a smaller notch at the top of the screen, ...

Biden: How was the political transition in the US captured on social media?

As Joe Biden was sworn in as President of the United States, this important political transition was captured on popular social media. On January 20, ...

CentOS ceases to be supported but RHEL is offered for free

Last month, Red Hat caused a great deal of concern in the Linux world when it announced the discontinuation of CentOS Linux.

Microsoft Office 365 employee passwords leaked online!

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and ...

COSMOTE and Microsoft provide new cloud solutions for businesses

COSMOTE and Microsoft expand their cooperation, offering even more advanced and high quality cloud solutions, in large and small ...

Cyber ​​attacks in Eastern Europe are on the rise!

The cyber-attacks that have taken place in many US government agencies and companies in recent months have caused concern in the developing countries of ...

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...